Brocade Multi-Service IronWare Security Configuration Guide (Supporting R05.6.00) User Manual
Page 112
94
Multi-Service IronWare Security Configuration Guide
53-1003035-02
Access Control List
3
This chapter discusses the IPv4 Access Control List (ACL) feature, which enables you to filter traffic
based on the information in the IP packet header. For details on Layer 2 ACLs, refer to
“Layer 2 Access Control Lists”
. For details on IPv6 ACLs, refer to
Chapter 4, “Configuring an IPv6
You can use IPv4 ACLs to provide input to other features such as route maps, distribution lists, rate
limiting, and BGP. When you use an ACL this way, use permit statements in the ACL to specify the
traffic that you want to send to the other feature. If you use deny statements, the traffic specified
by the deny statements is not supplied to the other feature. Refer to the chapters for a specific
feature for information on using ACLs as input to those features.
ACL CAM
sharing for
Inbound ACLs
Yes
Yes
No
No
No
No
No
CAM sharing
Yes
Yes
No
No
No
No
No
ACL Deny
Logging
Yes
Yes
Yes
Yes
Yes
Yes
Yes
ACL Accounting
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Ability to bind L2
ACL and L3 or 4
ACL
concurrently
No
No
Yes
Yes
Yes
Yes
Yes
L3 or 4 ACLs
and ACL-based
QoS
No
No
Yes
Yes
Yes
Yes
Yes
Receive ACL
(rACL) Statistics
Yes
Yes
No
No
No
No
No
Support for
named rACLs
Yes
Yes
Yes
Yes
Yes
No
No
Disabling
Outbound ACLs
for Switching
Traffic
Yes
Yes
No
No
No
No
No
Support for
acl-frag-conserv
ative
Yes
Yes
No
No
No
No
No
Support for
“priority”
keyword in ACLs
Yes
Yes
No
No
No
No
No
IP broadcast
ACL
Yes Yes
Yes
Yes
Yes
Yes
Yes
TABLE 14
Supported Brocade ACL features (Continued)
Features
supported
Brocade
NetIron XMR
Series
Brocade
MLX Series
Brocade
NetIron CES
2000 Series
BASE
package
Brocade
NetIron CES
2000 Series
ME_PREM
package
Brocade
NetIron CES
2000 Series
L3_PREM
package
Brocade
NetIron CER
2000 Series
Base
package
Brocade
NetIron CER
2000 Series
Advanced
Services
package